﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Configuration;

namespace NXBSaiGon.Account
{
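    /// <summary>
    /// Code-behind for the account login page. Checks the submitted credentials
    /// against the KhachHang table and, on success, records the user name in the
    /// session before redirecting.
    /// </summary>
    public partial class Login : System.Web.UI.Page
    {
        // Connection built from the "NXBSaiGonConnectionString1" entry of the
        // application configuration; one instance per page object.
        private SqlConnection conn = new SqlConnection(ConfigurationManager
                                                        .ConnectionStrings["NXBSaiGonConnectionString1"]
                                                        .ConnectionString);

        /// <summary>
        /// Page load handler. Currently performs no work.
        /// </summary>
        protected void Page_Load(object sender, EventArgs e)
        {
            //RegisterHyperLink.NavigateUrl = "Register.aspx?ReturnUrl=" + HttpUtility.UrlEncode(Request.QueryString["ReturnUrl"]);
        }

        /// <summary>
        /// Click handler for the login button. Counts the KhachHang rows matching
        /// the submitted user name and password; a non-zero count is treated as a
        /// successful login.
        /// </summary>
        /// <param name="sender">The control that raised the event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void Button_Login(object sender, EventArgs e)
        {
            string user = UserName.Text;
            string pass = Password.Text;

            int count;
            try
            {
                // Open the connection to execute the query.
                conn.Open();

                // Both values come straight from the request, so they are bound as
                // parameters and never concatenated into the SQL text. This keeps
                // user input from being interpreted as SQL (injection).
                //
                // NOTE(review): the submitted password is compared against the
                // Password column as-is, which suggests the column holds passwords
                // in a directly comparable form. Prefer storing a salted, slow hash
                // (e.g. PBKDF2) and verifying it in code; confirm against the schema.
                using (SqlCommand cmd = new SqlCommand(
                    "SELECT COUNT(*) FROM KhachHang " +
                    "WHERE Username=@user AND Password=@pass", conn))
                {
                    cmd.Parameters.AddWithValue("@user", user);
                    cmd.Parameters.AddWithValue("@pass", pass);
                    count = (int)cmd.ExecuteScalar();
                }
            }
            finally
            {
                // Release the connection even when Open or the query throws.
                conn.Close();
            }

            if (count == 0)
            {
                Result.Text = "<p style='color:Red'>* Login Failed. Invalid Username / Password. </p>";
                return;
            }

            // NOTE(review): this comparison is ordinal and case-sensitive, while the
            // SQL match follows the database collation. If that collation is
            // case-insensitive, a differently-cased spelling of the admin name could
            // match the row yet take the regular-user branch; confirm the collation
            // or derive the role from the database row instead of the typed name.
            if (user == "admin")
            {
                // The admin account is not logged in here: the session user is
                // cleared and the request is sent to the admin confirmation page.
                Session["username"] = null;
                Response.Redirect("~/Admin/ConfirmAdmin.aspx");
            }
            else
            {
                // NOTE(review): the session identifier is not renewed on login;
                // consider issuing a fresh session ID to guard against fixation.
                Session["username"] = user;
                Response.Redirect("../Book.aspx");
            }
        }
    }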
}
